Data Use Notice

This Data Use Notice applies when We supply Our Solution to You. Our Solution, which is known as Omega Life and Omega Life Plus (this Data Use Notice applies to both) are software based solutions which enable the movements and activities of an individual (who is often vulnerable or at risk) to be analysed to build up a picture of the individual’s daily routine. If an individual’s movements and/or activities are outside of their usual routine, nominated users (such as family, friends and/or carers) can determine if further action is needed. In this Data Use Notice and the Terms, this individual is referred to as the “Beneficiary”. So that the Solution can operate properly, it will be necessary for certain monitoring equipment (the “Equipment”) to be installed in the property where the Beneficiary resides. The monitoring equipment will collect information about the movements and activities of the Beneficiary. It will also be necessary for Us to process personal information (which may include some medical information) about the Beneficiary and those persons utilising the Solution for the benefit of the Beneficiary. The Solution will not operate properly unless We are able to do these things. This Data Use Notice, together with the Terms, set out how We will handle personal information collected through the Solution in accordance with the legal rights of all individuals concerned. Please read this Data Use Notice and the Terms carefully and contact Us (using the details below) if You have any questions.

This Data Use Notice explains how We, Omega Analytic Systems Limited, will handle Your personal information and the personal information of anyone receiving the benefit of the Solution when You download the Application (the “Application”) associated with our software solution known as Omega Life and/or Omega Life Plus (the “Solution”). We are committed to protecting and respecting the privacy of anyone who uses or receives the benefit of Our Solution. However, in order to use the Application and Our Solution properly, it is necessary for Us to process Your personal information, the personal information of any persons using the Solution (“Authorised Users”) and the individual who will be monitored in order to receive the benefit of the Solution (the “Beneficiary”). We recommend You read this Data Use Notice in conjunction with the Terms which relate to the Solution.

You must inform the Beneficiary (being the individual who will be monitored) that the Equipment needed to monitor the Beneficiary will be installed in the property in which they reside (the “Premises”). You must bring this Data Use Notice to the attention of the Beneficiary, and to the extent that it is possible, obtain the consent of the Beneficiary to Us processing their personal information for the purpose of supplying the Solution. Where the Beneficiary is incapable of understanding this Data Use Notice and/or giving their consent, You must notify and obtain the consent of any person who has been appointed to act on behalf of and/or to represent the interests of the Beneficiary as a result of:

Written consent from the above person(s) must be obtained for the use of the Solution (including the installation of Equipment which will monitor the movements of the Beneficiary) and for the processing of the Beneficiary’s personal information in accordance with this Data Use Notice.

The General Data Protection Regulation ((EU) 2016/679) (GDPR) (which came into effect on 25thMay 2018) gave data subjects (living individuals in respect of whom personal data is processed) enhanced rights and protections in relation to their personal data and how that personal data is used. We are committed to safeguarding the privacy of the persons using Our Solution or receiving the benefit of Our Solution. Therefore, We have prepared this Data Use Notice so We are completely clear as to what personal data We collect, why We collect that personal data and how We handle it. We, Omega Analytics Systems Limited of Crown Works, Parry Lane, Bradford, BD4 8TJ are the Data Controller (as that term is defined in data protection legislation).

Please read this Data Use Notice carefully. By using the Solution You are accepting and consenting to the practices described in this Data Use Notice.

1. What information do We collect?

We may process the following personal data:

Beneficiary’s Personal Data

Personal Data of the Beneficiary

How and why We process this Personal Data

Registration Data:When You register to use the Solution We will ask You to supply information relating to the Beneficiary including the Beneficiary’s name, place of residence (or the address at which the Equipment is to be installed, if this is different) and details of any medical conditions which may be relevant (for example, if the Beneficiary is suffering from dementia or another illness which may make them vulnerable if they were to leave their place of residence unexpectedly or alone).

It is necessary for Us to process this information in order to be able to properly provide the Solution and fulfil Our contractual obligations. Unless We have this information We are unable to provide the Solution in an effective manner. Therefore Our legal basis for processing this information is Our legitimate interest and, where You have entered into a contract with Us, in order to fulfil Our contract with You.

Data collected whilst the Solution is operating:When the Equipment has been installed We will start monitoring the Beneficiary. We will collect information regarding the Beneficiary’s movements and activities and this information will be collated to build a picture of the Beneficiary’s day to day movements. You and the Authorised Users will be able to access this information through the Application.

It is necessary for Us to process this Information in order to be able to provide the Solution. Therefore Our justification for processing the personal information is Our legitimate interest and fulfilment of Our contract with You.

Authorised User’s Personal Data and Your Personal Data

Personal Data of the person entering into the Contract with Us and any Authorised Users:

How and why We process this Personal Data

Customer Account information:Information about You which relates to Your account with Us. This information may include Your name, address, Your email address and Your telephone and/or mobile number.

We will process this data to maintain Your account with Us, to provide Our Solution to You, to communicate with You and to back up Our database. The reason We process this data is to ensure the proper administration of Your account and Our business (Our legitimate interest) and, where You have entered into a Contract with Us, for the purposes of fulfilling Our contract with You.

Registration Information:Information You provide when You register to use Our Solution through the Application and when You report a problem with Our Solution. The information You give Us may include Your name, address, e-mail address and phone number.

We will process this data to ensure You can access the Solution, or to address Your query or concern. The reason We process this data is to ensure the proper administration of Your registration and Our business (Our legitimate interest) and where We have entered into a contract with You, to fulfil Our contract with You.

Transaction Data:When You purchase the Solution from Us, You will need to provide certain information to Us so that We can install the Equipment and supply the Solution. The information You supply to Us may include Your name, Your contact details, Your card details or bank details, the address at which the Equipment is to be installed and other information relevant to Your transaction. We will only require this information from the person entering into the Contract with Us, who is paying for the Solution.

We will process that data in order to perform Our contract with You and to fulfil the transaction and to administer Your account (Our legitimate interest).

Communication Data:If You communicate with Us, We may process the information contained in Your communication. This information may include Your name and contact information, the content of Your communication and any metadata Our website generates where You communicate with Us using the contact form available on Our website.

We will process that information so We can correspond with You and keep records of such correspondence. The reason We are processing this data is to ensure the proper administration of our business (our legitimate interest).

Regulatory Data:We may process Your data if We need to do so in order to comply with Our legal and/or regulatory obligations, so that We can protect the vital interests of You or another natural person.

The reason We will process such data is to protect the vital interests of You or another natural person.

2. When will We disclose Your personal data to others?

2.1We may need to share Your personal information with members of our group, which means our subsidiaries, our ultimate holding company and its subsidiaries. These terms are defined in section 1159 of the UK Companies Act 2006. We will only share such personal information where this is necessary for the purposes set out in this policy.

2.2We may need to share Your personal information with certain selected third parties including:

  1. Our business partners, suppliers and sub-contractors for the purpose of performing any contract We have with You or them In particular, We use third party companies to process Your personal data in order to process payments on Our behalf (this is done by Stripe, Inc and/or PayPal (Europe) S.à.r.l.) to provide cloud based services for Us to ensure We can make the Solution available through the internet (this is done by Amazon Web Services, Inc), to deliver the Equipment, to install the Equipment on Our behalf and to enable Our insurer’s to process a case if a customer makes a claim against Us,;

2.3We will also disclose Your personal information to third parties in the following circumstances:

  1. If We sell or buy any business or assets, in which case We may need to disclose certain personal data to the prospective seller or buyer of such business or assets.
  2. If all or most of Our assets are acquired by a third party, in which case personal data held by Us about Our customers will be one of the transferred assets.
  3. If We are under a duty to disclose or share Your personal data in order to comply with any legal obligation, or in order to enforce any legal agreement We have with You; or to protect Our rights or property, or the safety of Us, Our customers, or others. This includes exchanging information with other companies and organisations for the purposes of fraud protection and credit risk reduction.

3. Where do We store Your personal data?

We will always try to ensure that Your personal data is processed within the European Economic Area. In some circumstances this will not be possible. In circumstances where it is necessary for Us to transfer Your personal outside the European Economic Area, We will only transfer such personal data to third parties where We have carried out due diligence on such third parties to ensure they will protect Your personal data using similar standards and safeguards as We have. We will also have contractual provisions in place with such third parties to ensure Your personal data is protected. Such contractual provisions will be based on the standard contractual clauses approved by the European Commission for the transfer of data outside the EEA or such other appropriate standards as are required from time to time by the European Commission or the UK Government. You consent to the transfer of Your personal data outside of the EEA, as long as We comply with these requirements.

All information You provide to Us is stored on Our secure cloud based servers. Any payment transactions will be encrypted. Where We have given You (or where You have chosen) a password which enables You to access certain parts of Our Solution, You are responsible for keeping this password confidential. We ask You not to share a password with anyone.

We will do Our best to protect Your personal data. We will maintain robust and appropriate technical and organisational measures to protect the personal data. Once We have received any personal data, We will use strict procedures and security features to try to prevent unauthorised access.

4. Storage and deletion of personal data

  1. We will only retain Your personal information for as long as necessary to fulfil the purposes for which We collected it which will include satisfying any legal, accounting, or reporting requirements. Any personal data that We process will be deleted from Our systems once We have completed the purpose for which We were processing the personal data. However, You should be aware that We will hold personal data relating to You (and any Authorised Users and the Beneficiary for as long as You are using the Solution and this will be until Our relationship with You comes to an end).
  2. To determine the appropriate retention period for personal data, We consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure of Your personal data, the purposes for which We process Your personal data and whether We can achieve those purposes through other means, and the applicable legal requirements. We will take into consideration a number of factors such as Your relationship with Us, Your engagement with Us, and the fulfilment of contracts We have with You. The information We collect in respect of the movements and activities of the Beneficary will be retained for a period of two years after it is recorded. We have determined that this is a reasonable period to retain this information on the basis that two years worth of such data is a sufficient period to demonstrate any changes in the regular routine or behaviours of the Beneficiary. Such data may, on request by You and the Beneficiary, be supplied to a future care provider of the Beneficiary to support any future care arrangements for the Beneficiary. After this two year period, personal data relating to a Beneficaries movements and activities will be deleted, and any associated information will be completely anonymised.
  3. We may need to retain Your personal data where this is necessary to comply with Our legal or regulatory obligations, or to protect the vital interest or the vital interests of another natural person.

5. Data security

We have appropriate security measures in place to prevent personal information from being accidentally lost or from being used or accessed in an unauthorised way. We limit access to personal information to those who have a genuine business need to know it. Those processing personal information will do so only in an authorised manner and are subject to a duty of confidentiality.

We also have procedures in place to deal with any suspected data security breach. We will notify You and any applicable regulator of a suspected data security breach where We are legally required to do so.

6.Your rights (and these rights apply to the Beneficiary and the Authorised Users)

6.1Under data protection laws You (and the Beneficiary and the Authorised Users) have the following fundamental rights:

  1. The right to access the personal data We hold about the relevant individual;
  2. The right to have their personal data corrected if there are errors or inaccuracies in it, or their personal data is incomplete;
  3. The right to restrict the processing We carry out in relation to their personal data;
  4. The right to object to the processing We carry out in relation to their personal data;
  5. The right to have the personal data We hold about them provided to them in a useable format;
  6. The right to complain to a supervisory authority (in the UK this is the Information Commissioner’s Office) about how and/or why We are processing their personal data;
  7. The right to tell Us they no longer consent to Us processing their personal data. However, You should be aware that if We are unable to process personal information, We may no longer be able to provide the Solution to You properly, in which case We may need to end Our contract with You.

6.2You, the Authorised Users and the Beneficiary (or the Beneficiary’s representative) can ask Us to provide them with details of any personal data We hold about them. There is no obligation to pay Us a fee to access Your personal data unless We believe an access request is unfounded, repetitive or excessive. In this case We may charge the applicant a reasonable fee to access the applicable personal data or We may decide not to comply with their request. We will notify the applicant if this is the case. We will require the applicant to provide appropriate evidence of their identity before We respond to their request. Typically this identification evidence will be a photocopy of their passport or photo driving licence, which a solicitor or bank has certified as being a true copy of the original and a copy of a recent utility bill detailing their current address.

6.3If You think that any of the data We hold is incorrect or inaccurate, You can contact Us to correct such data. Please contact Our data protection officer atdpo@omegaanalyticsystems.co.ukfor these purposes.

7. Changes to our Data Use Notice

Any changes We make to this Data Use Notice in the future will be notified to You.

8. Information about Us

This Data Use Notice relates to Omega Analytic Systems Limited (company registration number 10463217). The registered office address is Crown Works, Parry Lane, Bradford, BD4 8TJ. We can be contacted by post at Crown Works, Parry Lane, Bradford, BD4 8TJ, using our website contact form www.omega-life.co.uk/contact by phone 01274 288 937 or by email contact@omega-life.co.uk.

Our data protection officer can be contacted atdpo@omegaanalyticsystems.co.uk.

9. Any questions?

Questions, comments and requests regarding this privacy policy are welcomed and should be addressed to

Omega Analytic Systems Limited
Data Protection Department
Crown Works,
Parry Lane,
Bradford,
BD4 8TJ

Email: contact@omega-life.co.uk

Phone: 01274 288937